Network Security Channel
⭕️Start Channel From 2017⭕️ ✅ Security Operation Center (SOC) ✅ Bug Bounty ✅ Vulnerability ✅ Pentest ✅ Hardening ✅ Linux ✅ Research ✅ Security Network ✅ Security Researcher ✅ DevSecOps ✅ Blue Team ✅ Red Team
Post archive
tools
Red Team Tactics
Exploiting Windows’ vulnerabilities with HyperV:
A hacker’s swiss army knife
https://github.com/Xyrem/HyperDeceit
@Engineer_Computer
info
Windows API Function Cheatsheets:
A comprehensive reference of Windows system calls, including functions for file operations, process/memory/thread/DLL management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking/registry operations
https://github.com/snowcra5h/windows-api-function-cheatsheets
@Engineer_Computer
Malware analysis
Akira Ransomware
https://news.sophos.com/en-us/2023/05/09/akira-ransomware-is-bringin-88-back
@Engineer_Computer
Threat Research
1. PowerDrop - malicious PowerShell script
https://adlumin.com/post/powerdrop-a-new-insidious-powershell-script-for-command-and-control-attacks-targets-u-s-aerospace-defense-industry
2. Details of a critical TCP/IP RCE (CVE-2023-23416)
https://fieldeffect.com/blog/cve-analysis-red-october-one-ping-too-many
@Engineer_Computer
Following up on the previous post: let's look at the methods an attacker typically uses to tamper with logs.
The article below is useful on this topic.
https://svch0st.medium.com/event-log-tampering-part-1-disrupting-the-eventlog-service-8d4b7d67335c
@Engineer_Computer
If the logs are wiped, how do we detect an attacker's lateral movement in the organization?
The video below gives the answer from a SANS instructor.
https://www.youtube.com/watch?v=H8ybADELHzk
@Engineer_Computer
tools
Red Team Tactics
Windows Secrets Extraction: A Summary, 2023
@Engineer_Computer
Red Team Tactics
1. From DA to EA with ESC5
https://posts.specterops.io/from-da-to-ea-with-esc5-f9f045aa105c
2. Attacking MS Configuration Manager (SCCM/MECM)
https://www.securesystems.de/blog/active-directory-spotlight-attacking-the-microsoft-configuration-manager
@Engineer_Computer
Barracuda customers, take note! If you've been affected by the zero-day flaw (CVE-2023-2868) in their Email Security Gateway appliances, it's time to replace them ASAP!
Learn more:
https://thehackernews.com/2023/06/barracuda-urges-immediate-replacement.html
@Engineer_Computer
Linux file systems hierarchy
#prerequisite #ubuntu #linux
@Engineer_Computer
👉Independent students and corporate employees
📌We have designed special programs 4 you to hold courses that by transferring skills and knowledge will lead to your becoming more capable in designing, deploying and GRC📝🔎 cyber security projects in various industries in both IT and OT sectors.
(Would you like to become a cyber security specialist!? Would you!? 🤓😁
If you have the drive and the perseverance, we will help you)
Our motto: the secure continuity of your business
-Business Secure Continuity-
https://www.linkedin.com/posts/diyako-secure-bow_cybersecurity-offensivesecurity-informationsecurityawareness-activity-7072269395795795970-NRgp?utm_source=share&utm_medium=member_ios
@Engineer_Computer
PowerDrop, the malware designed to fly under the radar, is targeting the U.S. aerospace industry. Learn how it leverages ICMP messages and WMI services to compromise networks undetected.
Learn more:
https://thehackernews.com/2023/06/new-powerdrop-malware-targeting-us.html
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.03.17
🚨 Heads up, Chrome users! Google has released a security update to fix a new high-severity zero-day vulnerability in its web browser that is being actively exploited by hackers in the wild.
Update your browsers now: https://thehackernews.com/2023/06/zero-day-alert-google-issues-patch-for.html
@Engineer_Computer
Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation
https://www.mandiant.com/resources/blog/fortinet-malware-ecosystem
@Engineer_Computer
🚨Vulnerability in Microsoft Windows NFS Protocol⚠️⚠️
--
📣📣Microsoft CVE-2023-24941: Windows Network File System Remote Code Execution Vulnerability
--
Severity 10
--
Description:-
Microsoft CVE-2023-24941: Windows Network File System Remote Code Execution Vulnerability
--
Mitigations:-
This vulnerability is not exploitable in NFSV2.0 or NFSV3.0. Prior to updating your version of Windows that protects against this vulnerability,
you can mitigate an attack by disabling NFSV4.1. This could adversely affect your ecosystem and should only be used as a temporary mitigation.
#Warning:-
You should NOT apply this mitigation unless you have installed the May 2022 Windows security updates.
Those updates address CVE-2022-26937 which is a Critical vulnerability in NFSV2.0 and NFSV3.0.
@Engineer_Computer
🔴 Keygen source code for Windows XP and Server 2003
https://github.com/Neo-Desktop/WindowsXPKg
#windows #windowsXP #windows_xp #xp #server #server2003 #server_2003 #keygen #source #code #sourcecode #source_code
@Engineer_Computer
